Backing up and Restoring an EventLog Analyzer instance | Online help - EventLog Analyzer

How to back up and restore an EventLog Analyzer instance?

Backup Process:


IMPORTANT: A backup of EventLog Analyzer should not be taken when the instance is running.

  1. Stop the ManageEngine EventLog Analyzer service.

  2. Open a command prompt with admin privileges.

  3. Navigate to <dir>:\ManageEngine\EventLog Analyzer\bin.

  4. Execute the following commands to ensure that the instance is completely shut down:

    1. shutdown.bat

    2. stopDB.bat

    3. stopSEC.bat

  5. In the same cmd window, navigate to <dir>:\ManageEngine\EventLog Analyzer\ES\bin or <dir>:\ManageEngine\elasticsearch\ES\bin.

  6. Execute the following command to ensure that the Elasticsearch engine is stopped.

    1. StopES.bat

  7. Open Task Manager ⇾ Details tab and ensure that no wrapper.exe, SysEvtCol.exe, postgres.exe, or java.exe processes are running from the EventLog Analyzer installation directory. If any are running, end the task manually.

  8. Take a copy of the entire ManageEngine\EventLog Analyzer and ManageEngine\Elasticsearch directories, or take a snapshot of the virtual machine.

  9. Now that the backup is complete, start the ManageEngine EventLog Analyzer service.

  10. Then, go to the <dir>:\ManageEngine\EventLog Analyzer\logs folder, open the wrapper.log file, go to the end of the document, and check for the line "Connect to: [http://localhost:8400]". This confirms that all the modules have started and the instance is up and running.

Note: A periodic full backup of the EventLog Analyzer server is always recommended for product disaster recovery.
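
The backup steps above as one PowerShell script, run from an elevated prompt. This is an added example, not ManageEngine's own tooling; the install root C:\ManageEngine, the destination D:\ELA-Backup, and the 10-minute startup timeout are assumptions to replace with your own values.

```powershell
# Added example (not vendor code). $InstallRoot, $BackupRoot and the timeout are assumed values.
param(
    [string]$InstallRoot = 'C:\ManageEngine',   # assumption: your <dir>:\ManageEngine
    [string]$BackupRoot  = 'D:\ELA-Backup'      # assumption: hypothetical destination
)
$ErrorActionPreference = 'Stop'
$ela = Join-Path $InstallRoot 'EventLog Analyzer'
$svc = 'ManageEngine EventLog Analyzer'          # service display name from step 1

# Step 1: stop the service.
Get-Service -DisplayName $svc | Stop-Service -Force

# Steps 3-6: run the shutdown scripts from their own bin directories.
function Invoke-Bat([string]$Dir, [string[]]$Scripts) {
    Push-Location $Dir
    try { foreach ($s in $Scripts) { & cmd.exe /c $s } }
    finally { Pop-Location }
}
Invoke-Bat (Join-Path $ela 'bin') 'shutdown.bat','stopDB.bat','stopSEC.bat'
$esBin = @((Join-Path $ela 'ES\bin'), (Join-Path $InstallRoot 'elasticsearch\ES\bin')) |
    Where-Object { Test-Path $_ } | Select-Object -First 1
if ($esBin) { Invoke-Bat $esBin 'StopES.bat' }

# Step 7: refuse to copy while any listed process still runs from the install tree.
$names = 'wrapper.exe','SysEvtCol.exe','postgres.exe','java.exe'
$left = Get-CimInstance Win32_Process |
    Where-Object { $names -contains $_.Name -and $_.ExecutablePath -like "$InstallRoot\*" }
if ($left) {
    $left | Format-Table ProcessId, Name, ExecutablePath -AutoSize | Out-String | Write-Host
    throw 'EventLog Analyzer processes are still running; end them, then rerun.'
}

# Step 8: copy both directories into a timestamped folder.
$stamp = Get-Date -Format 'yyyyMMdd-HHmmss'
foreach ($dir in 'EventLog Analyzer','Elasticsearch') {
    $src = Join-Path $InstallRoot $dir
    if (-not (Test-Path $src)) { continue }
    robocopy $src (Join-Path $BackupRoot "$stamp\$dir") /E /COPY:DAT /DCOPY:T /R:1 /W:1 /NP
    if ($LASTEXITCODE -ge 8) { throw "robocopy failed for $src (exit $LASTEXITCODE)" }
}

# Steps 9-10: restart, then wait for the ready line among the newly written log lines.
$log  = Join-Path $ela 'logs\wrapper.log'
$seen = @(Get-Content $log).Count
Get-Service -DisplayName $svc | Start-Service
$deadline = (Get-Date).AddMinutes(10)            # assumption: startup timeout
do {
    Start-Sleep -Seconds 10
    $ready = Get-Content $log | Select-Object -Skip $seen | Select-String 'Connect to:.*localhost:8400'
} until ($ready -or (Get-Date) -gt $deadline)
if (-not $ready) { throw "Ready line not found in $log" }
```

The script stops at step 7 instead of killing leftover processes, so the operator ends them manually as the procedure says and then reruns it.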

For Database backup, please refer to the instructions provided here.

Restoration Process:

  1. Copy the backed up folder to the original location.

  2. Open a command prompt with administrator privilege.

  3. Navigate to <dir>:\ManageEngine\EventLog Analyzer\bin.

  4. Execute initpgsql.bat.

  5. Make sure the service is installed, if it is a new path.

  6. Start the ManageEngine EventLog Analyzer service.

  7. Alternatively, you can simply restore the VM snapshot and start the ManageEngine EventLog Analyzer service.
